Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
All Vendors
  1. Home
  2. CompTIA
  3. PT0-003

CompTIA PT0-003 Exam (page: 5)
CompTIA PenTest+
Updated on: 12-Jan-2026

Viewing Page 5 of 49
PT0-003 PDF 199 Questions

[Attacks and Exploits]
A penetration tester attempts to run an automated web application scanner against a target URL. The tester validates that the web page is accessible from a different device. The tester analyzes the following HTTP request header logging output:
200; GET /login.aspx HTTP/1.1 Host: foo.com; User-Agent: Mozilla/5.0 200; GET /login.aspx HTTP/1.1 Host: foo.com; User-Agent: Mozilla/5.0 No response; POST /login.aspx HTTP/1.1 Host: foo.com; User-Agent: curl 200; POST /login.aspx HTTP/1.1 Host: foo.com; User-Agent: Mozilla/5.0 No response; GET /login.aspx HTTP/1.1 Host: foo.com; User-Agent: python

Which of the following actions should the tester take to get the scans to work properly?

  1. Modify the scanner to slow down the scan.
  2. Change the source IP with a VPN.
  3. Modify the scanner to only use HTTP GET requests.
  4. Modify the scanner user agent.

Answer(s): D



[Tools and Code Analysis]
During a penetration test, a junior tester uses Hunter.io for an assessment and plans to review the information that will be collected.
Which of the following describes the information the junior tester will receive from the Hunter.io tool?

  1. A collection of email addresses for the target domain that is available on multiple sources on the internet
  2. DNS records for the target domain and subdomains that could be used to increase the external attack surface
  3. Data breach information about the organization that could be used for additional enumeration
  4. Information from the target's main web page that collects usernames, metadata, and possible data exposures

Answer(s): A

Explanation:

Hunter.io is a tool used for finding professional email addresses associated with a domain. Here's what it provides:
Functionality of Hunter.io:
Email Address Collection: Gathers email addresses associated with a target domain from various sources across the internet.
Verification: Validates the email addresses to ensure they are deliverable. Sources: Aggregates data from public sources, company websites, and other internet databases.
Comparison with Other Options:
DNS Records (B): Hunter.io does not focus on DNS records; tools like dig or nslookup are used for DNS information.
Data Breach Information (C): Services like Have I Been Pwned are used for data breach information. Web Page Information (D): Tools like wget, curl, or specific web scraping tools are used for collecting detailed web page information.
Hunter.io is specifically designed to collect and validate email addresses for a given domain, making it the correct answer.



[Attacks and Exploits]
A penetration tester downloads a JAR file that is used in an organization's production environment. The tester evaluates the contents of the JAR file to identify potentially vulnerable components that can be targeted for exploit.
Which of the following describes the tester's activities?

  1. SAST
  2. SBOM
  3. ICS
  4. SCA

Answer(s): D

Explanation:

The tester's activity involves analyzing the contents of a JAR file to identify potentially vulnerable components. This process is known as Software Composition Analysis (SCA). Here's why:
Understanding SCA:
Definition: SCA involves analyzing software to identify third-party and open-source components, checking for known vulnerabilities, and ensuring license compliance. Purpose: To detect and manage risks associated with third-party software components.
Comparison with Other Terms:
SAST (A): Static Application Security Testing involves analyzing source code for security vulnerabilities without executing the code.
SBOM (B): Software Bill of Materials is a detailed list of all components in a software product, often used in SCA but not the analysis itself.
ICS (C): Industrial Control Systems, not relevant to the context of software analysis. The tester's activity of examining a JAR file for vulnerable components aligns with SCA, making it the correct answer.



During a penetration testing engagement, a tester targets the internet-facing services used by the client.
Which of the following describes the type of assessment that should be considered in this scope of work?

  1. Segmentation
  2. Mobile
  3. External
  4. Web

Answer(s): C

Explanation:

An external assessment focuses on testing the security of internet-facing services. Here's why option C is correct:
External Assessment: It involves evaluating the security posture of services exposed to the internet, such as web servers, mail servers, and other public-facing infrastructure. The goal is to identify vulnerabilities that could be exploited by attackers from outside the organization's network.

Segmentation: This type of assessment focuses on ensuring that different parts of a network are appropriately segmented to limit the spread of attacks. It's more relevant to internal network architecture.
Mobile: This assessment targets mobile applications and devices, not general internet-facing services.
Web: While web assessments focus on web applications, the scope of an external assessment is broader and includes all types of internet-facing services.
Reference from Pentest:
Horizontall HTB: Highlights the importance of assessing external services to identify vulnerabilities that could be exploited from outside the network.
Luke HTB: Demonstrates the process of evaluating public-facing services to ensure their security.
Conclusion:

Option C, External, is the most appropriate type of assessment for targeting internet-facing services used by the client.



A penetration tester has just started a new engagement. The tester is using a framework that breaks the life cycle into 14 components.
Which of the following frameworks is the tester using?

  1. OWASP MASVS
  2. OSSTMM
  3. MITRE ATT&CK
  4. CREST

Answer(s): B

Explanation:

The OSSTMM (Open Source Security Testing Methodology Manual) is a comprehensive framework for security testing that includes 14 components in its life cycle. Here's why option B is correct:
OSSTMM: This methodology breaks down the security testing process into 14 components, covering various aspects of security assessment, from planning to execution and reporting. OWASP MASVS: This is a framework for mobile application security verification and does not have a 14-component life cycle.
MITRE ATT&CK: This is a knowledge base of adversary tactics and techniques but does not describe a 14-component life cycle.
CREST: This is a certification body for penetration testers and security professionals but does not provide a specific 14-component framework.
Reference from Pentest:
Anubis HTB: Emphasizes the structured approach of OSSTMM in conducting comprehensive security assessments.
Writeup HTB: Highlights the use of detailed methodologies like OSSTMM to cover all aspects of security testing.
Conclusion:
Option B, OSSTMM, is the framework that breaks the life cycle into 14 components, making it the correct answer.



Viewing Page 5 of 49



Share your comments for CompTIA PT0-003 exam with other users:

x-men 5/23/2023 1:02:00 AM

q23, its an array, isnt it? starts with [ and end with ]. its an array of objects, not object.
UNITED STATES


abuti 7/21/2023 6:24:00 PM

cool very helpfull
Anonymous


Krishneel 3/17/2023 10:34:00 AM

i just passed. this exam dumps is the same one from prepaway and examcollection. it has all the real test questions.
INDIA


Regor 12/4/2023 2:01:00 PM

is this a valid prince2 practitioner dumps?
UNITED KINGDOM


asl 9/14/2023 3:59:00 PM

all are relatable questions
CANADA


Siyya 1/19/2024 8:30:00 PM

might help me to prepare for the exam
Anonymous


Ted 6/21/2023 11:11:00 PM

just paid and downlaod the 2 exams using the 50% sale discount. so far i was able to download the pdf and the test engine. all looks good.
GERMANY


Paul K 11/27/2023 2:28:00 AM

i think it should be a,c. option d goes against the principle of building anything custom unless there are no work arounds available
INDIA


ph 6/16/2023 12:41:00 AM

very legible
Anonymous


sephs2001 7/31/2023 10:42:00 PM

is this exam accurate or helpful?
Anonymous


ash 7/11/2023 3:00:00 AM

please upload dump, i have exam in 2 days
INDIA


Sneha 8/17/2023 6:29:00 PM

this is useful
CANADA


sachin 12/27/2023 2:45:00 PM

question 232 answer should be perimeter not netowrk layer. wrong answer selected
Anonymous


tomAws 7/18/2023 5:05:00 AM

nice questions
BRAZIL


Rahul 6/11/2023 2:07:00 AM

hi team, could you please provide this dump ?
INDIA


TeamOraTech 12/5/2023 9:49:00 AM

very helpful to clear the exam and understand the concept.
Anonymous


Curtis 7/12/2023 8:20:00 PM

i think it is great that you are helping people when they need it. thanks.
UNITED STATES


sam 7/17/2023 6:22:00 PM

cannot evaluate yet
Anonymous


nutz 7/20/2023 1:54:00 AM

a laptops wireless antenna is most likely located in the bezel of the lid
UNITED STATES


rajesh soni 1/17/2024 6:53:00 AM

good examplae to learn basic
INDIA


Tanya 10/25/2023 7:07:00 AM

this is useful information
Anonymous


Nasir Mahmood 12/11/2023 7:32:00 AM

looks usefull
Anonymous


Jason 9/30/2023 1:07:00 PM

question 81 should be c.
CANADA


TestPD1 8/10/2023 12:22:00 PM

question 18 : response isnt a ?
EUROPEAN UNION


ally 8/19/2023 5:31:00 PM

plaese add questions
TURKEY


DIA 10/7/2023 5:59:00 AM

is dumps still valid ?
FRANCE


Annie 7/7/2023 8:33:00 AM

thanks for this
EUROPEAN UNION


arnie 9/17/2023 6:38:00 AM

please upload questions
Anonymous


Tanuj Rana 7/22/2023 2:33:00 AM

please upload the question dump for professional machinelearning
Anonymous


Future practitioner 8/10/2023 1:26:00 PM

question 4 answer is c. this site shows the correct answer as b. "adopt a consumption model" is clearly a cost optimization design principle. looks like im done using this site to study!!!
Anonymous


Ace 8/3/2023 10:37:00 AM

number 52 answer is d
UNITED STATES


Nathan 12/17/2023 12:04:00 PM

just started preparing for my exam , and this site is so much help
Anonymous


Corey 12/29/2023 5:06:00 PM

question 35 is incorrect, the correct answer is c, it even states so: explanation: when a vm is infected with ransomware, you should not restore the vm to the infected vm. this is because the ransomware will still be present on the vm, and it will encrypt the files again. you should also not restore the vm to any vm within the companys subscription. this is because the ransomware could spread to other vms in the subscription. the best way to restore a vm that is infected with ransomware is to restore it to a new azure vm. this will ensure that the ransomware is not present on the new vm.
Anonymous


Rajender 10/18/2023 3:54:00 AM

i would like to take psm1 exam.
Anonymous